//package com.pubinfo.passbook.shiro.filter;
//
//import java.io.IOException;
//import java.io.PrintWriter;
//import javax.servlet.ServletRequest;
//import javax.servlet.ServletResponse;
//import javax.servlet.http.HttpServletResponse;
//
//import com.alibaba.fastjson.JSON;
//import com.pubinfo.passbook.common.model.vo.base.JsonResult;
//import com.pubinfo.passbook.common.model.vo.base.ResultCode;
//import org.apache.shiro.subject.Subject;
//import org.apache.shiro.web.filter.authz.RolesAuthorizationFilter;
//
///**
// * 重新onAccessDenied 实现shiro对未授权的页直接返回json 而不是重定向
// *
// * @author sirm
// */
//public class ShiroRolesAuthorizationFilter extends RolesAuthorizationFilter {
//  @Override
//  protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws IOException {
//    HttpServletResponse resp = (HttpServletResponse) response;
//    resp.setContentType("application/json; charset=utf-8");
//    PrintWriter out = resp.getWriter();
//    resp.setCharacterEncoding("utf-8");
//    Subject subject = getSubject(request, response);
//    JsonResult result = null;
//    // 没有认证,先返回未认证的json
//    if (subject.getPrincipal() == null) {
//      result = JsonResult.error(ResultCode.UNAUTHORIZED);
//    } else {
//      // 已认证但没有角色，返回为授权的json FORBIDDEN
//      result = JsonResult.error(ResultCode.FORBIDDEN);
//    }
//    out.write(JSON.toJSONString(result));
//    out.flush();
//    out.close();
//    return false;
//  }
//
//}
